Oh no, not GDPR again! 12 months on and what’s has happened?

What should you know about GDPR a year after it landed?

On 25 May last year, the most significant change in data
privacy regulations for two decades came into force, the General Data
Protection Regulation (GDPR).

Officially known as Regulation (EU) 2016/679, GDPR was
billed as “a directive by which the European Parliament, the Council of the
European Union and the European Commission intend to strengthen and unify data
protection for all individuals within the EU”.

It also looked to address the export of personal data
outside the EU, as well as giving back to people control over their personal
data, and simplifying the regulatory environment for international business by
unifying the parameters within the EU.

And it all came about because of the bad boys; hackers and
their cyber attacks and data breaches, as well as the growing controversy
around data collection and consumers’ concerns over how it was being used. The GDPR
sought to rule out the possibility of gathering data through opt-out consent;
something that many businesses had previously deployed.

Almost 12 months on and according to the Government, the GDPR
has made more UK businesses increasingly resilient to cyber risks, although companies
still have much more to do.

In the Government’s latest annual cyber security breach
survey, carried out in the final three months of 2018, 1,566 businesses were
asked if they had experienced cyber security breaches or attacks within the
previous 12 months. Thirty-two per cent of respondents said they had; down from
the 43 per cent in the previous year’s survey, and this drop has been the
attributed in part to measures businesses have undertaken to comply with the GDPR.

According to the Cyber Security Breaches Survey 2019: “The
new data protection law has encouraged and compelled many organisations over
the past 12 months to either engage formally with (cyber risk) for the first
time, or in some cases to strengthen their existing policies and processes.

“This has helped to raise the floor in cyber security,
with more micro businesses taking action against the risks in 2019 than in
2018. It may help, among other factors, to explain the fall in the number of
businesses, especially micro businesses, experiencing breaches or attacks since
2018.”

Cyber risk expert Ian Birdsey, of international law firm
Pinsent Masons, has stated that “while some SME businesses have taken certain
limited steps to prepare for the GDPR… a high proportion of those
organisations are not prepared for a data breach and have not taken essential
security steps either to prevent an incident, for example by implementing
multi-factor authentication for systems access, or be in a position to respond
to an incident, such as by activating logging”.

Despite all the progress made since last year only a
minority of micro and small businesses have written cyber security policies or
a formal incident management processes in place, or have arranged any form of specific
training, or have senior staff with a particular responsibility for it as part
of their job role. Conversely, GDPR has accelerated the pace of change across
organisations and businesses are now seeing cyber security as a higher priority
more than ever before.

As for large businesses, the Government report found that more of these have board members with a cyber security brief, although it’s still a minority with a disappointing 41 per cent not having it. Instilling better knowledge and understanding of cyber security across board members can be the difference between cyber security being treated as a fairly high priority, or a very high priority.

If you still find yourself confused and concerned about GDPR and your IT security, we can help – talk to one of our security specialists on 0333 241 9301.

Stay in touch with Vital updates

To subscribe for updates, please enter your details below, we promise we won't bombard you with emails.

First Name

Last Name

Email

Vital Technology Group needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For more information, check out our Privacy Policy.

To view this video please enable JavaScript, and consider upgrading to a
web browser that
supports HTML5 video

To view this video please enable JavaScript, and consider upgrading to a
web browser that
supports HTML5 video

To view this video please enable JavaScript, and consider upgrading to a
web browser that
supports HTML5 video

To view this video please enable JavaScript, and consider upgrading to a
web browser that
supports HTML5 video